sqreen 1.15.7.beta1-java → 1.15.7-java

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ce7a33c0d45ac85cb7b769691ef02e4bff94a935192059d8e9caae7e442e4c42
4
- data.tar.gz: f5bcab2aa9ce1a2afc5804adf14e0523048ad0ba66a89cb9e794ef2da60323f7
3
+ metadata.gz: ab0f7f327746411e048e85c39d5a85eb0e5160de4561d9dd996b689313db356e
4
+ data.tar.gz: a6b48b211b1694a109e57e394ceec8c678b31585a3313211d028ab0798467b2d
5
5
  SHA512:
6
- metadata.gz: 6a8eceb60dcfa234f27af93c4fbdc1d9ec6e8ce4857d4d415f16c654f1b35af3bb520892e6557776ff85a40b68bc59063f13804fc31e335a7338a6fba4df13a8
7
- data.tar.gz: ba74c1bb2880372953f0571e8fdc3ab95b975e8a55efe36760c0e874c0e5526ee1d7bc632a84e0e318b88fc5ce353e53721d6d78a4ca64dde8b5b5e38848304b
6
+ metadata.gz: 3e951226c019ee021a9203609971bef97b9bc738f43a624c41e4eedae17803009f3d6232f336422522b6f9b0453b631423674327c5f3ebb78db1e7a7f0506905
7
+ data.tar.gz: 19297ce483987c4c714a76b76409ca7139ebda5ec01f4da7ca79ce5d80a6faa1b37d732df9548037c00319ac1b82e40f906c384e29dfb9a869c088fc0010cd89
@@ -1,7 +1,7 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
 
4
- require 'ipaddr'
4
+ require 'sqreen/trie'
5
5
 
6
6
  require 'sqreen/rule_callback'
7
7
 
@@ -11,8 +11,9 @@ module Sqreen
11
11
  class BlacklistIPsCB < RuleCB
12
12
  def initialize(klass, method, rule_hash)
13
13
  super(klass, method, rule_hash)
14
- @ips = Hash[@data['values'].map { |v| [v, IPAddr.new(v)] }]
15
- Sqreen.log.info 'no ips given for IP blacklisting' if @ips.empty?
14
+ @trie_v4 = Sqreen::Trie.new
15
+ @trie_v6 = Sqreen::Trie.new(nil, nil, Socket::AF_INET6)
16
+ insert_values(@data['values'])
16
17
  end
17
18
 
18
19
  def pre(_inst, _args, _budget = nil, &_block)
@@ -26,18 +27,33 @@ module Sqreen
26
27
  advise_action(:raise, :skip_rem_cbs => true)
27
28
  end
28
29
 
29
- protected
30
+ private
31
+
32
+ def insert_values(ranges)
33
+ Sqreen.log.info 'no ips given for IP blacklisting' if ranges.empty?
34
+
35
+ ranges.map { |r| Prefix.from_str(r, r) }.each do |prefix|
36
+ trie_for(prefix).insert prefix
37
+ end
38
+ end
39
+
40
+ def trie_for(prefix)
41
+ prefix.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
42
+ end
30
43
 
31
44
  # Is this a blacklisted ip?
32
45
  # return the ip blacklisted range that match ip
33
46
  def find_blacklisted_ip(rip)
34
- ret = (@ips || {}).find do |_, ip|
35
- ip.include?(rip)
47
+ begin
48
+ ipa = IPAddr.new(rip)
49
+ rescue
50
+ Sqreen.log.info "invalid IP address given by framework: #{rip}"
51
+ return nil
36
52
  end
37
- return nil unless ret
38
- ret.first
39
- rescue
40
- nil
53
+
54
+ range = trie_for(ipa).search_best(ipa.to_i, ipa.family)
55
+ return nil unless range
56
+ range.data
41
57
  end
42
58
  end
43
59
  end
@@ -182,6 +182,7 @@ module Sqreen
182
182
 
183
183
  def node_to_ip_addr(node)
184
184
  ret = IPAddr.new(node.prefix.address, node.prefix.family)
185
+ ret.send(:mask!, node.prefix.bitlen)
185
186
  ret.singleton_class.send(:define_method, :data) { node.prefix.data }
186
187
  ret
187
188
  end
@@ -1,5 +1,5 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  module Sqreen
4
- VERSION = '1.15.7.beta1'.freeze
4
+ VERSION = '1.15.7'.freeze
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.15.7.beta1
4
+ version: 1.15.7
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-11-23 00:00:00.000000000 Z
11
+ date: 2018-11-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -148,9 +148,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
148
148
  version: '0'
149
149
  required_rubygems_version: !ruby/object:Gem::Requirement
150
150
  requirements:
151
- - - ">"
151
+ - - ">="
152
152
  - !ruby/object:Gem::Version
153
- version: 1.3.1
153
+ version: '0'
154
154
  requirements: []
155
155
  rubyforge_project:
156
156
  rubygems_version: 2.7.7